<?php
/*
 * @Author: your name
 * @Date: 2021-07-23 11:55:54
 * @LastEditTime: 2021-07-27 16:03:26
 * @LastEditors: Please set LastEditors
 * @Description: In User Settings Edit
 * @FilePath: /html/sa-api.mvpchat.cn/app/Http/Middleware/CORS.php
 */

namespace App\Http\Middleware;

use Closure;

class Cors
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        $response = $next($request);
        $origin = $request->header('origin') ? $request->header('origin') : $request->header('referer');
        $allow_origin = [
          'http://localhost:9527','http://192.168.0.112:9527','http://polarisbar.com','http://www.polarisbar.com'
        ];
        if (in_array($origin, $allow_origin)) {
            $response->header('Access-Control-Allow-Origin', $origin);
            $response->header('Access-Control-Allow-Headers', 'Origin, Content-Type, Cookie,X-Requested-With,Set-Cookie,Access-Token, X-Token,X-CSRF-TOKEN, Accept, Authorization, X-XSRF-TOKEN');
            $response->header('Access-Control-Expose-Headers', '*');
            $response->header('Access-Control-Allow-Methods', '*');
            $response->header('Access-Control-Allow-Credentials', 'true');
        }
        return $response;
    }
}
